Interviews | February 16, 2018

Black Hat Sponsor Interviews: SentinelOne and Qualys

Tomer Weingarten

Tomer Weingarten


Q: You recently appointed Intel's David Ginat as the new R&D chief at SentinelOne. What is his mission? What are some of the emerging security technologies on which SentinelOne is focusing its R&D efforts?

Ginat will lead SentinelOne's R&D operations in Israel, where he'll be responsible for building new, innovative product features in the SentinelOne platform, empowering the company's more than 2,000 customers to protect, detect, respond and remediate attacks from a single, converged platform. David's experience at Intel demonstrates that he is adept at building and delivering large-scale projects required for today's enterprise environments. He is also a skilled leader who excels at building high-performing teams and providing product excellence. Given the fast pace and critical nature of the cybersecurity landscape, David has the right skillset to lead R&D for SentinelOne as we shape the network of the future.

Q: Tell us about your new SentinelOne Vigilance Service. How is it different from or better than threat hunting and response services offered by other vendors?

SentinelOne Vigilance is a turnkey solution, built on SentinelOne Endpoint Protection Platform, to augment security and IT teams in accelerating the detection, prioritization, and response to advanced cyber threats and reducing the risk of missing critical alerts. Unlike other services available out there, Vigilance amplifies SentinelOne's technology and offers guaranteed SLA.

Our customers also benefit from the extensive visibility and automation capabilities of SentinelOne to maximize their security coverage and speed of response. Vigilance Cybersecurity Analysts assess suspicious alerts, review raw data on threats and network connections, and collaborate with security researchers to identify and prioritize events. Vigilance cybersecurity analysts will also notify security personnel, help orchestrate security operations, and execute appropriate policy-driven actions to limit the impact of any threat to an organization.

Q: SentinelOne had a pretty successful 2017 both from a customer acquisition standpoint and regarding raising growth capital. What do you want attendees at Black Hat Asia 2018 to know about your strategy in the region and how your company can help address their security challenges?

2017 was a fantastic year for Sentinelone. We've experienced 300% year over year growth, and we have established a market share including leading businesses across many industries. Finance retail, healthcare, government and many more, including cybersecurity companies trust the SentinelOne platform to protect their assets and to ensure their business continuity. We've managed to build a unique offering that solves the problem of cybersecurity in an automated way, so our customers can save resources for maintaining their security.

As enterprises in Asia are attracting more and more businesses and the market is on the rise, it also draws cybercriminals looking into how to compromise such companies, either by ransomware, cryptominers, Trojans but also targeted attacks. We've seen new malware campaigns starting in Asia, and SentinelOne's unique technology, which does not rely on a specific malware type or vector or depends on prior knowledge, is proven very efficient for enterprises in Asia.

Doug Browne

Doug Browne
Managing Director, APAC


Q: What does Qualys' recent purchase of NetWatcher mean for customers? What specific enterprise requirements will the acquisition help Qualys address?

NetWatcher has a comprehensive cybersecurity and threat intelligence service that helps businesses effectively manage cyber threats, provide incident response, and manage compliance across on-premises, hybrid and cloud environments. The capability that is added in terms of advanced correlation of data from multiple sources such as intrusion detection, netflow analytics and log analysis is important to Qualys' clients globally. The integration of NetWatcher's technology into the Qualys Cloud Platform allows us to deliver this enhanced capability at scale to our clients who are looking for enhancements in their real-time threat intelligence programs.

Q: What do organizations need to know about the latest vulnerability trends and how to prioritize responses to the high risks ones? How does Qualys help in this regard?

Qualys provides this prioritization as a service to our clients. Qualys researches and monitors external threat feeds and using this information we are able to apply this to your environment. This is delivered as a service using our Threat Protection module. Threat Protection continuously correlates external threat information against a customer's known asset inventory and vulnerability status using the Qualys cloud platform's back-end engine to carry out this task at scale and doing all of the intensive data analytics. This allows our clients to pinpoint and prioritize remediation of the vulnerabilities which pose the greatest risk to their organization at any given time based on these real-time threat indicators (RTI's).

Q: Why is being at Black Hat Asia 2018 important for Qualys? What do you want people attending the show to know about Qualys' plans in the APAC region?

Black Hat Asia has always been important to Qualys as it is a community-focused event where security professionals are able to gather in an open and collaborative environment. The ideas shared and discussed at BlackHat are always real world issues, and where better to find a group of people to discuss some of your own possible challenges and get advice than Black Hat Asia 2018? It is important that our clients and new prospects realize that Qualys supports this community. Our plans for the APAC region have included the recent addition of a Qualys Security Operations Center to extend our public cloud in region. Qualys realizes that security and compliance is a priority for this region and we continue to grow our presence and client base.

The Qualys Cloud Platform has added a number of new applications and enhancements so that we can provide a holistic solution whilst allowing our clients to avoid the cost and complexities of managing multiple security vendors. Using our cloud platform provisioning these cloud apps is as easy as checking a box. The Qualys Cloud Platform then gathers and analyses the security and compliance data — this is the true power of our cloud platform.

Sustaining Partners